{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90363?format=json","vulnerability_id":"VCID-he5a-srth-rydf","summary":"The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop.","aliases":[{"alias":"CVE-2006-2906"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/927390?format=json","purl":"pkg:deb/debian/libgd2@2.0.33-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.0.33-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1035353?format=json","purl":"pkg:deb/debian/libgd2@2.0.33-5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pj7-5gy9-97f7"},{"vulnerability":"VCID-34yj-pb2j-5faa"},{"vulnerability":"VCID-3bce-bp4m-3bcy"},{"vulnerability":"VCID-3v99-kbeq-47d8"},{"vulnerability":"VCID-45dp-3xz9-qyd3"},{"vulnerability":"VCID-4ehv-84qa-fubx"},{"vulnerability":"VCID-4eyx-7fmr-r7dm"},{"vulnerability":"VCID-6xda-97rd-9bam"},{"vulnerability":"VCID-6ysv-9bmx-w7df"},{"vulnerability":"VCID-75xx-y3xu-cqe2"},{"vulnerability":"VCID-7d1e-wnq6-4qfr"},{"vulnerability":"VCID-7rvx-8x2z-7kdm"},{"vulnerability":"VCID-9wvm-w1qk-xycw"},{"vulnerability":"VCID-9zks-j1fv-ukew"},{"vulnerability":"VCID-b878-mmfs-e3g1"},{"vulnerability":"VCID-busj-qfth-v7e3"},{"vulnerability":"VCID-cr4d-8dhn-gkgq"},{"vulnerability":"VCID-ek5b-jujn-bqet"},{"vulnerability":"VCID-fcm8-f9e6-83b4"},{"vulnerability":"VCID-fwyg-v128-k7c9"},{"vulnerability":"VCID-g1b8-dkd3-j3a2"},{"vulnerability":"VCID-g3zj-r8ag-a7ej"},{"vulnerability":"VCID-habv-tr8c-rucd"},{"vulnerability":"VCID-hwys-fv79-b7d8"},{"vulnerability":"VCID-j15c-u5ty-jug1"},{"vulnerability":"VCID-j52b-eq6b-dqae"},{"vulnerability":"VCID-jhzv-9ey6-gkdz"},{"vulnerability":"VCID-jun7-q9ts-ebfe"},{"vulnerability":"VCID-k6qv-tnq5-ybd7"},{"vulnerability":"VCID-ku2g-q6cg-ayhc"},{"vulnerability":"VCID-m3ve-pf4u-9qhh"},{"vulnerability":"VCID-n7w7-16vs-z3gg"},{"vulnerability":"VCID-pnee-e13t-57a2"},{"vulnerability":"VCID-qqe4-4aja-j7dz"},{"vulnerability":"VCID-r7yv-ryzk-z3e8"},{"vulnerability":"VCID-s33d-rhg8-wqej"},{"vulnerability":"VCID-s83u-wk4f-wkfd"},{"vulnerability":"VCID-sszm-mvm2-m7ee"},{"vulnerability":"VCID-svg5-jd8s-mbb5"},{"vulnerability":"VCID-szfb-zfrk-4qha"},{"vulnerability":"VCID-tfaf-hb2s-fyb9"},{"vulnerability":"VCID-tttf-2akk-57ez"},{"vulnerability":"VCID-vqee-h72u-hbar"},{"vulnerability":"VCID-vya2-pzx7-m7c1"},{"vulnerability":"VCID-x14b-aaj3-nyed"},{"vulnerability":"VCID-x635-b1cj-m7d7"},{"vulnerability":"VCID-yhfa-jcqy-wkdx"},{"vulnerability":"VCID-zp5r-wjhe-u7b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.0.33-5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/927387?format=json","purl":"pkg:deb/debian/libgd2@2.3.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.3.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/927385?format=json","purl":"pkg:deb/debian/libgd2@2.3.3-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.3.3-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/927388?format=json","purl":"pkg:deb/debian/libgd2@2.3.3-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.3.3-13%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035351?format=json","purl":"pkg:deb/debian/libgd2@2.0.1-10woody2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pj7-5gy9-97f7"},{"vulnerability":"VCID-29sd-8qne-53d1"},{"vulnerability":"VCID-2bcm-xg5v-kyaw"},{"vulnerability":"VCID-34yj-pb2j-5faa"},{"vulnerability":"VCID-3bce-bp4m-3bcy"},{"vulnerability":"VCID-3v99-kbeq-47d8"},{"vulnerability":"VCID-45dp-3xz9-qyd3"},{"vulnerability":"VCID-49jr-gtjs-1ba9"},{"vulnerability":"VCID-4ehv-84qa-fubx"},{"vulnerability":"VCID-4eyx-7fmr-r7dm"},{"vulnerability":"VCID-6xda-97rd-9bam"},{"vulnerability":"VCID-6ysv-9bmx-w7df"},{"vulnerability":"VCID-75xx-y3xu-cqe2"},{"vulnerability":"VCID-7d1e-wnq6-4qfr"},{"vulnerability":"VCID-7rvx-8x2z-7kdm"},{"vulnerability":"VCID-9wvm-w1qk-xycw"},{"vulnerability":"VCID-9zks-j1fv-ukew"},{"vulnerability":"VCID-b878-mmfs-e3g1"},{"vulnerability":"VCID-busj-qfth-v7e3"},{"vulnerability":"VCID-cr4d-8dhn-gkgq"},{"vulnerability":"VCID-ek5b-jujn-bqet"},{"vulnerability":"VCID-fcm8-f9e6-83b4"},{"vulnerability":"VCID-fwyg-v128-k7c9"},{"vulnerability":"VCID-g1b8-dkd3-j3a2"},{"vulnerability":"VCID-g3zj-r8ag-a7ej"},{"vulnerability":"VCID-gcg3-b5bm-73dw"},{"vulnerability":"VCID-habv-tr8c-rucd"},{"vulnerability":"VCID-he5a-srth-rydf"},{"vulnerability":"VCID-hwys-fv79-b7d8"},{"vulnerability":"VCID-j15c-u5ty-jug1"},{"vulnerability":"VCID-j52b-eq6b-dqae"},{"vulnerability":"VCID-jhzv-9ey6-gkdz"},{"vulnerability":"VCID-jun7-q9ts-ebfe"},{"vulnerability":"VCID-k6qv-tnq5-ybd7"},{"vulnerability":"VCID-ku2g-q6cg-ayhc"},{"vulnerability":"VCID-m3ve-pf4u-9qhh"},{"vulnerability":"VCID-n7w7-16vs-z3gg"},{"vulnerability":"VCID-pnee-e13t-57a2"},{"vulnerability":"VCID-qqe4-4aja-j7dz"},{"vulnerability":"VCID-r7yv-ryzk-z3e8"},{"vulnerability":"VCID-s33d-rhg8-wqej"},{"vulnerability":"VCID-s83u-wk4f-wkfd"},{"vulnerability":"VCID-sszm-mvm2-m7ee"},{"vulnerability":"VCID-svg5-jd8s-mbb5"},{"vulnerability":"VCID-szfb-zfrk-4qha"},{"vulnerability":"VCID-tfaf-hb2s-fyb9"},{"vulnerability":"VCID-tttf-2akk-57ez"},{"vulnerability":"VCID-vqee-h72u-hbar"},{"vulnerability":"VCID-vya2-pzx7-m7c1"},{"vulnerability":"VCID-x14b-aaj3-nyed"},{"vulnerability":"VCID-x635-b1cj-m7d7"},{"vulnerability":"VCID-yhfa-jcqy-wkdx"},{"vulnerability":"VCID-zp5r-wjhe-u7b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.0.1-10woody2"},{"url":"http://public2.vulnerablecode.io/api/packages/1035352?format=json","purl":"pkg:deb/debian/libgd2@2.0.33-1.1sarge1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pj7-5gy9-97f7"},{"vulnerability":"VCID-2bcm-xg5v-kyaw"},{"vulnerability":"VCID-34yj-pb2j-5faa"},{"vulnerability":"VCID-3bce-bp4m-3bcy"},{"vulnerability":"VCID-3v99-kbeq-47d8"},{"vulnerability":"VCID-45dp-3xz9-qyd3"},{"vulnerability":"VCID-4ehv-84qa-fubx"},{"vulnerability":"VCID-4eyx-7fmr-r7dm"},{"vulnerability":"VCID-6xda-97rd-9bam"},{"vulnerability":"VCID-6ysv-9bmx-w7df"},{"vulnerability":"VCID-75xx-y3xu-cqe2"},{"vulnerability":"VCID-7d1e-wnq6-4qfr"},{"vulnerability":"VCID-7rvx-8x2z-7kdm"},{"vulnerability":"VCID-9wvm-w1qk-xycw"},{"vulnerability":"VCID-9zks-j1fv-ukew"},{"vulnerability":"VCID-b878-mmfs-e3g1"},{"vulnerability":"VCID-busj-qfth-v7e3"},{"vulnerability":"VCID-cr4d-8dhn-gkgq"},{"vulnerability":"VCID-ek5b-jujn-bqet"},{"vulnerability":"VCID-fcm8-f9e6-83b4"},{"vulnerability":"VCID-fwyg-v128-k7c9"},{"vulnerability":"VCID-g1b8-dkd3-j3a2"},{"vulnerability":"VCID-g3zj-r8ag-a7ej"},{"vulnerability":"VCID-habv-tr8c-rucd"},{"vulnerability":"VCID-he5a-srth-rydf"},{"vulnerability":"VCID-hwys-fv79-b7d8"},{"vulnerability":"VCID-j15c-u5ty-jug1"},{"vulnerability":"VCID-j52b-eq6b-dqae"},{"vulnerability":"VCID-jhzv-9ey6-gkdz"},{"vulnerability":"VCID-jun7-q9ts-ebfe"},{"vulnerability":"VCID-k6qv-tnq5-ybd7"},{"vulnerability":"VCID-ku2g-q6cg-ayhc"},{"vulnerability":"VCID-m3ve-pf4u-9qhh"},{"vulnerability":"VCID-n7w7-16vs-z3gg"},{"vulnerability":"VCID-pnee-e13t-57a2"},{"vulnerability":"VCID-qqe4-4aja-j7dz"},{"vulnerability":"VCID-r7yv-ryzk-z3e8"},{"vulnerability":"VCID-s33d-rhg8-wqej"},{"vulnerability":"VCID-s83u-wk4f-wkfd"},{"vulnerability":"VCID-sszm-mvm2-m7ee"},{"vulnerability":"VCID-svg5-jd8s-mbb5"},{"vulnerability":"VCID-szfb-zfrk-4qha"},{"vulnerability":"VCID-tfaf-hb2s-fyb9"},{"vulnerability":"VCID-tttf-2akk-57ez"},{"vulnerability":"VCID-vqee-h72u-hbar"},{"vulnerability":"VCID-vya2-pzx7-m7c1"},{"vulnerability":"VCID-x14b-aaj3-nyed"},{"vulnerability":"VCID-x635-b1cj-m7d7"},{"vulnerability":"VCID-yhfa-jcqy-wkdx"},{"vulnerability":"VCID-zp5r-wjhe-u7b3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.0.33-1.1sarge1"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2906.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2906.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2906","reference_id":"","reference_type":"","scores":[{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94581","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94588","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94595","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94598","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94608","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94612","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94616","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94619","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94632","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94635","published_at":"2026-04-18T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94641","published_at":"2026-04-24T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94642","published_at":"2026-04-29T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94651","published_at":"2026-05-05T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94659","published_at":"2026-05-07T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94668","published_at":"2026-05-09T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94674","published_at":"2026-05-11T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94679","published_at":"2026-05-12T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94693","published_at":"2026-05-16T12:55:00Z"},{"value":"0.15275","scoring_system":"epss","scoring_elements":"0.94697","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2906"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2906","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=372912","reference_id":"372912","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=372912"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27981.c","reference_id":"CVE-2006-2906;OSVDB-26260","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27981.c"},{"reference_url":"https://www.securityfocus.com/bid/18294/info","reference_id":"CVE-2006-2906;OSVDB-26260","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/18294/info"},{"reference_url":"https://usn.ubuntu.com/298-1/","reference_id":"USN-298-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/298-1/"}],"weaknesses":[],"exploits":[{"date_added":"2006-06-06","description":"GD Graphics Library 2.0.33 - Remote Denial of Service","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":true,"source_date_published":"2006-06-06","exploit_type":"dos","platform":"linux","source_date_updated":"2013-08-31","data_source":"Exploit-DB","source_url":"https://www.securityfocus.com/bid/18294/info"}],"severity_range_score":null,"exploitability":"2.0","weighted_severity":"0.1","risk_score":0.2,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-he5a-srth-rydf"}